[strongSwan] per-connection plugins ?
Justin Pryzby
pryzby at telsasoft.com
Sun Apr 3 16:38:42 CEST 2016
On Mon, Mar 28, 2016 at 11:39:04AM -0500, Justin Pryzby wrote:
> Is it possible to enable plugins selectively by connection ? The ones I'm
> interested in are cisco unity and libipsec.
On Mon, Mar 28, 2016 at 01:38:46PM -0500, Justin Pryzby wrote:
> This could also be solved if it were possible to set a charon option for a
> single connection: routing_table or routing_table_prio. Our firewall can have
> static routes to the individual remote IPs/32.
Another use case for (currently) daemon-wide charon options instead as a
per-connection property:
charon.initiator_only
This would allow/help to debug a peer which seems to always initiate to us
(succcessfully), but refuses our phase 2 proposal when we initiate.
racoon.conf has a per-peer setting: passive (on|off);
Justin
More information about the Users
mailing list